Way back in old and boring January of this year, Microsoft announced they would be working together with the Windows Phone 7 homebrew community, with the goal of creating a stable, supported way for homebrew developers and people interested in homebrew applications to enable side-loading on their WP7 devices. Well, they took their sweet time, but the ChevronWP7 team (Rafael Rivera, Chris Walsh, and Long Zheng) and Microsoft have just announced the results.

Free of charge, not for commercial use. Application is signed by Nokia for use on one single phone, then put online for 30 days and kept usable for 3 years. Access to relatively "sensitive" capabilities (power management, system settings alteration).

Only for corporate developers. Requires a special certificate costing $200/year. Access to even more sensitive capabilities (direct communication with device drivers essentially). Deployment on up to 1000 devices, with the same 3-year validity limit as before. The application is still checked and certified by Nokia before signing.

Only for corporate devs. Require the aforementioned certificate, plus a $10 token per signed application. Allows devs to sign their applications themselves (although they are still subject to random audit by Nokia). Applications are freely deployed, and their certificates have a 10-year validity limit. Access to same capabilities as Signed Online.

Similar to before, but the token costs $150 and applications must be submitted to some sort of VIP signing service that's trusted by Nokia (Sogeti HT). Applications may get full access to the device, although some capabilities require agreement with device manufacturers (ex : accessing the unprotected version of DRMd content, altering application's security capabilities and other system files).

Yes and no. The problem with Open Signed Online is that you can't easily redistribute your software, as every new user will have to contact Nokia and repeat the signing process again.

As "superior" signing methods require you to sign on the behalf of a company, I guess that homebrew must stick with self-signed, which has several limitations (you are limited with basic user-mode applications rights, no advanced system capabilities) and displays a warning each time the application is installed.

Thankfully, I was wrong about self-signed applications : they'll work on any device, provided that the user has disabled certificate checks and that he accepts the warning. They just have limited capabilities.